Education, Business and Technology NowdaysHomeContact Us
Every time you get on the internet the first thing that happens is that your computer’s browser contacts the Domain Name System or DNS. This is so your computer can get the IP address that corresponds to the particular domain you typed in the search engine. The DNS is by all accounts the largest database in the world. It is supported by millions of servers and administrators all over the world. Each of these servers supplies information about just a small piece of the domain name space.
There are two kinds of DNS servers. One is the authoritative name server and the other is the recursive name server. Authoritative servers are responsible for providing you with answers to questions about domain names in a zone. For example, if you wanted to find the website for darkreading.com and put that name into a search engine, the search engine would link you to an authoritative server that would display the websites IP address. If, however, you were linked to a recursive server the server would instead look in its cache first for the IP address, if the request is not in its cache, the server would continually ask for an authoritative server to get the IP address. As a general rule, most public servers are recursive.
While this system works fairly well, these processes were developed over 40 years ago and little attention was given to system security which is why you need DNS protection. All that was important then was the accuracy of the DNS records. However, this lack of security has allowed hackers to exploit this weakness to access the DNS zone data on the server they target. Once the DNS has been compromised, a hacker could then redirect all incoming traffic to a fake site or server that they control.
DNS servers today can be accessed by multiple people. Should a hacker get into a server because of this they could alter a domain’s DNS zone data. Once this is done, a hacker could then redirect all of that website’s incoming traffic to a different domain or server that the hacker controls. This fake server could then host fake sites to capture personal information or install malicious software on your computer. This is why DNS protection is so important. As an example, recent hacks by the Syrian Electronic Army have exploited these weaknesses to redirect users trying to access the New York Times, among other sites, and redirect the users to websites that support the Bashar Assad regime.Read More